IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [ip-spoofing]

IP spoofing, also known as IP address forgery or a host file hijack, is a hijacking technique in which a cracker masquerades as a trusted host to conceal his identity, spoof a Web site, hijack browsers, or gain access to a network.

IP spoofing, also known as IP address forgery or a host file hijack, is a hijacking technique in which a cracker masquerades as a trusted host to conceal his identity, spoof a Web site, hijack browsers, or gain access to a network.

174 questions
107
votes
12 answers

Why is it difficult to catch "Anonymous" or "Lulzsec" (groups)?

I'm not security literate, and if I was, I probably wouldn't be asking this question. As a regular tech news follower, I'm really surprised by the outrage of Anonymous (hacker group), but as a critical thinker, I'm unable to control my curiosity to…
claws
  • 2,145
  • 5
  • 19
  • 22
85
votes
10 answers

How and why is my site being abused?

I own a popular website that allows people to enter a phone number and get information back about that phone number, such as the name of the phone carrier. It's a free service, but it costs us money for each query so we show ads on the site to help…
Marc
  • 699
  • 1
  • 4
  • 4
44
votes
3 answers

Can I trust the source IP of an HTTP request?

As far as I've understood, if you try to issue a HTTP request with a spoofed IP address, then the TCP handshake fails, so it's not possible to complete the HTTP request, because the SYN/ACK from the server doesn't reach the evil client ... ...in…
KajMagnus
  • 687
  • 1
  • 5
  • 10
43
votes
8 answers

Is it a bad idea to bypass login wall for a specified IP address?

I have a website that is available on the public internet. The website requires authenticated login before any of the content can be accessed. I've been asked if I can remove the login wall for users on a single static IP (the organisation's office)…
tommarshall
  • 539
  • 4
  • 5
42
votes
6 answers

Can I change my public IP address to a specific one?

It happens that I participate in a bug hunting program and analyzing the app I realized that there is a particular parameter that is very important for access control and that only changes with the IP address. Anyway, the question here is if I can…
Carlos Bello
  • 575
  • 4
  • 11
38
votes
4 answers

How does IP address spoofing on the Internet work? Who can do it?

Someone recently told me that the NSA could impersonate pretty much anyone they want by using IP address spoofing on the Internet. But how would that work and to what extend is it true anyway? Could any ISP in the world just spoof any IP address…
Forivin
  • 979
  • 1
  • 11
  • 17
35
votes
5 answers

Is it possible to spoof an IP address to an exact number?

The title says it all really. Say my IP address was 1.2.3.4 and I wanted to change or 'spoof' it so that its exactly 2.3.4.5, would this be possible or are there too many varying factors that need to be taken into account before getting a definitive…
James
  • 453
  • 1
  • 4
  • 6
31
votes
4 answers

Is it possible to pass TCP handshake with spoofed IP address?

Little time ago, me and my friends argued if TCP handshake can be passed with a spoofed IP address. Assume I have a web server that allows only certain IP addresses. Can anyone connect that web server by IP spoof?
ibrahim
  • 571
  • 3
  • 7
  • 13
28
votes
6 answers

How does a server obtain the IP Address of a user?

How does a server obtain the IP Address of a user? Is it possible to fool the server by spoofing the IP Address?
open source guy
  • 1,909
  • 9
  • 25
  • 27
27
votes
6 answers

What security risks does IP spoofing bring?

By manipulating the TCP packet and changing the source address one is able to spoof the IP. As I understand it, you will not be able to set up a full handshake by doing this, as you will never receive the returning packets. Does anyone know how this…
Chris Dale
  • 16,119
  • 10
  • 56
  • 97
25
votes
2 answers

In what scenarios is relying on source IP address as a security control acceptable/unacceptable?

A number of questions on this site mention relying on source IP address as a control and in most of them it is dismissed as being unreliable. In what circumstances might using source IP address as a control be a potentially useful idea or a bad idea…
Rory McCune
  • 60,923
  • 14
  • 136
  • 217
22
votes
4 answers

How are spoofed packets detected?

My assumption: When a firewall is configured to drop spoofed packets, it tries to ping (not necessarily ICMP) the source IP and sees if it belongs to a real host or if it's up, and if not, it drops the packet. My question: What happens if the source…
Adi
  • 43,808
  • 16
  • 135
  • 167
19
votes
3 answers

Vulnerable code suggested on OWASP?

Session Hijacking Prevention It is good practice to bind sessions to IP addresses, that would prevent most session hijacking scenarios (but not all), however some users might use anonymity tools (such as TOR) and they would have problems with your…
H M
  • 2,897
  • 6
  • 22
  • 21
18
votes
5 answers

Why don't ISPs filter on source address to prevent spoofing?

I'm under the impression that if all the ISPs were required to filter on the source IP address of all outbound packets, that spoofing would be reduced considerably. Are any ISPs implementing this practice? Should they?
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
15
votes
2 answers

How easy/difficult is it to spoof DNS? Are some scenarios safer/more risky than others?

Practically speaking, how easy difficult is it to spoof DNS? What scenarios are more risky than others? For example: A phishing email or twitter link that attracts users to click a hyperlink A link on an internal sharepoint site on a different…
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
1
2 3
11 12